Siemens SIMANTIC devices were hit by a cyber attack. A security breach allowed cybercriminals to carry out multiple sophisticated attacks on Siemens SIMATIC devices and the associated TIA Portal. A major blow to the world of cybersecurity. Because it meant that cunning hackers had the opportunity to gain complete control of every PLC per affected Siemens product line.
This is the reality in today's world of Cybersecurity. The number of Phishing attacks continue to rise. There are several reasons for this. One is the fact that it is easy to set up and attackers often achieve their goal. The other main reason is that they are getting increasingly better. So that also means they are reaching their potential victims more and more often. Microsoft's mail security is running into its limits because attackers are getting smarter and using advanced techniques.
Uber the well-known mobility service and Rockstar Games the developer of Grand Theft Auto V have been attacked. The culprit is possibly a notorious 17-year-old hacker from Oxfordshire. According to informal sources, he would also be part of the hacker group LAPSUS$. He is said to be one of the leaders here. Hacking does not come with an age, but it does carry a penalty. For now, there is no further information.
Solid protection against hackers? Try to hack your own software. It is increasingly more common for large software companies to implement what is called a Bug Bounty Program. This is designed to attract ethical hackers. With good intentions, they try to exploit the weaknesses in a system. That way, they can identify flaws and inform the organization. This time, they are rewarded by Google with a compensation if they report the security flaws in a proper way.
77% of security specialists believe we are currently in a never-ending cyber war. About 82% agrees that geopolitics and cybersecurity are closely related. Cyber experts even admit to being convinced that they were victims of a geopolitical attack without knowing anything about it. Interesting, but especially worrisome statements confirm the need for advanced cybersecurity.
Crypto is popular among many people all over the world. Hackers know this all too well. Bitcoin ATM manufacturer General Bytes has confirmed that it fell victim to a cyber attack. A previously unknown bug in its software was exploited to loot cryptocurrency from its users. Digital currency remains an interesting cybercrime target.
The pressure to secure software remains high. Developers are forced to provide constant security updates. Even Apple, with its so-called safest operating system, has been attacked. A vulnerability allowed remote control of devices. Users are urged to install the latest update as quickly as possible. Both companies and consumers are at risk without the new security layer.
The value of crypto has been declining in recent months, but the number of cryptojackers continues to grow. Cryptojackers are cybercriminals who use other devices to mine crypto. They use the electricity and computing power of others to make a profit. To deal with attacks like these, Microsoft and Intel are working together. They are applying Machine Learning to low-level CPU telemetry to detect threats.
Microsoft Defender receives new security tools powered by RiskIQ's Threat Intelligence. This is the perfect outcome of cybersecurity experts working together to achieve a safer digital world. With the new Microsoft Defender Threat Intelligence service and External Attack Surface Management, cybersecurity teams can now act even more precise.
Cyber attacks for political reasons are no longer a surprise. State hackers are actively seeking information from other countries. Belgium reported that its government and army were attacked by Chinese cyber gangs.
Digital threats are reshaping the way businesses operate. Discover a compact list that is of interest to everyone from users to security teams. The most dangerous vulnerabilities that are actively exploited and have a major impact on cybersecurity are highlighted.
Microsoft has become a high profile target for cybercrime. The so-called Raspberry Worm has been detected in hundreds of corporate networks around the world. It spreads to other systems using an infected USB with an .LNK file.
We are familiar with the term Software-as-a-service (SaaS), but a malicious form is now emerging called Ransomware-as-a-service (RaaS). A service from the Blackhat, a well-known hacker group. By offering these services, it is becoming more difficult for security experts to detect them. You can read more about it in this article.
Follina was a zero-day attack within the Microsoft Support Diagnostic Tool. Attackers could execute arbitrary code with the admin permissions of the calling application. In addition, the attacker could install programs, view, modify or delete data. Fortunately, Microsoft came up with a solution on Patch Tuesday in June.
Experts in Cybersecurity. A profession that is highly valued. Due to a scarcity of IT experts, the demand is increasing but the availability is decreasing. Due to the evolutions in cyber attacks, the profession is becoming more and more complex. The annual Voice of SecOPs Report shows that 45% of the respondents are considering leaving the sector because of stress factors.
Cybercrime is on the upswing. They often target organisations that have large amounts of sensitive information. Unfortunately, Kaiser Permanente, a health institute in America, was unable to escape it either. The data breach exposed the health data of 69,000 people.
It is difficult to keep an overview of your software. A bug that was in the software unseen for years is now taking its toll. The weakness is now exploited and the Confluence collaboration tool is unusable. When used, malicious code will be executed remotely.
VMWare, one of the leading companies in cloud computing and virtualisation technology, has been taken over by chip manufacturer Broadcom. This way, Broadcom puts itself in a strong position to grow with data centre infrastructure. The deal amounted to no less than 61 billion dollars.
PWN2OWN is an annual competition during the CanSecWest security conference. Participants are challenged to exploit popular software with known or unknown weaknesses. With respect for ethical hacking, the participants help large organisations to be aware of holes in their software. This year, they managed to exploit Microsoft Teams and Windows 11 on the first day.
Software remains a complex part of the digital world. While fixing critical bugs on Patch Tuesday, other problems came to light. CISA warns not to install the updates on domain controllers due to authentication issues. You can read more about it here.
Lincoln College, built in 1886. A building that has faced many historical disasters such as world wars and financial plunges. But a digital attack in combination with Covid-19 dealt the final blow. Due to a lack of digital security, a ransomware attack wiped out the educational institute.
IT experts are facing a major challenge. The digital footprint of organisations is getting bigger, making cybersecurity a vital part of any organisation. Hybrid work and digital business processes in the cloud have introduced new risks. Cybercriminals show no mercy and will do anything to attack digitally. In this article, you will discover the top trends in Cybersecurity for the year 2022.
Powerful security tools like Intune have a positive impact on your cybersecurity. But many companies overlook an important component: configuration. Configuring all security tools requires high-level expertise. In this article you will read how to implement the security guidelines for Microsoft Intune.
Nerdio Manager provides Azure Virtual Desktop Management. Virtual desktops are created and managed in an intelligent way. Through a cooperation with Microsoft, Nerdio is now also integrated in Microsoft Endpoint Manager for MSPs.
As a software developer, you have to put up with some tough stuff. Especially if you develop popular applications that are well known to users. Malicious parties are constantly looking for weaknesses to attack. Adobe and Chrome provided an emergency update for bugs that were heavily criticised.
The 2022 Olympics is also joining the digital age. Participants are supposed to download the application. But according to security researchers, this app would be a real nightmare in terms of cybersecurity.
Internet Explorer opens a door for cyber criminals to send booby trapped Office files to victims. According to Microsoft, there is no patch yet. The vulnerability is also known as CVE-2021-40444 and is located in MSHTML, the search engine of Internet Explorer.
Device management is an important part of a security strategy. In this article you will read how to gain control over unmanaged PCs. This can be done with the help of Microsoft Azure, Intune and the necessary expertise.
Cybersecurity is important to everyone. Whether you are a user or an IT expert. Understanding the basics of how to protect yourself digitally is a must. But how do you talk about cybersecurity with someone who is not yet as skilled in the digital world? In this article you will discover how to talk about cybersecurity with others.
A whopping 303 security vulnerabilities were discovered between Jan. 1, 2022, and Oct. 5, 2022. That makes Google Chrome the most unsafe Web browser. This is unfortunate because it is also one of the most popular applications. However, this makes the software interesting to attack. This is also the case with Microsoft, for example. Despite the fact that their advanced security is well in place, they too are affected by attacks. As a software vendor, it is important to be able to release updates quickly to plug the holes.
Big players take big hits. Sophos has been a major contributor to the world of security for many years. They provide both security software and hardware. Their Firewall was hit by a Zero-Day attack. Users were informed and are now taking action as soon as possible. If no action is taken, there is a good chance the attackers will take control of their network remotely. Allegedly, the attacks targeted South Asia in particular.
Updates in Google Chrome and Microsoft Edge provided a nifty new tool. The new spell checker allowed users to correct their texts in real time. Unfortunately, this also introduced major security flaws. That was because the spell checker could also read out passwords if you click 'show password' when entering your login credentials. This data is sent to Microsoft and Google. It's recommended that you wait a while before using this tool until a patch is released.
A so-called 'trojan virus' takes us back to the story of the trojan horse. It actually does work in the same way. You get into a system by offering software that looks exactly like the real thing. In other words, it is malware that disguises itself as legitimate software which often means that the user does not suspect anything. In this case, the malicious code is used to mine crypto. In this article, they saw that malicious people had counterfeited Google Translate.
Cybercriminals move along with time. They adjust their strategy, malicious software and approach. The corona measures decreased in recent months, causing the number of holidays to skyrocket. A hacker known as TA558 has been active since 2018 and took notice. He is now increasing his activities and improving his approach with RAR and ISO file attachments or embedded URLs in the messages.
Artificial Intelligence has unprecedented possibilities. The Russian Internet watchdog Roskomnadzor is developing a network that uses AI to scan websites for 'forbidden information'. From photos and videos to chat messages. The so-called Oculus also targets "propaganda" for homosexuality, instructions on how to manufacture weapons or drugs, and misinformation that discredits official state and military sources. Oculus will be ready for use at the end of this year.
Just as we update our software to stay protected, cybercriminals also update their software to attack. The malicious Donot Team has updated its Jaca Windows malware toolkit with enhanced capabilities, including a revamped theft module designed to loot information from Google Chrome and Mozilla Firefox browsers.
As the number of security technologies continues to grow, so does the number of cyber-attacks. MFA or Multifactor Authentication is used to provide initial security for sign-in events. Although it is a fully-fledged security method, there are also criminals who try to bypass it. This is what we see with this phishing kit.
Microsoft wants to fully migrate to Microsoft 365. On Monday, they announced that Office 2016 and Office 2019 can no longer be connected to Microsoft 365 services. These include Exchange Online, Sharepoint Online and OneDrive for Business. The end-of-support will start from October 2023.
A zero-day attack means that a flaw in a system is exploited without the developer knowing about it. This vulnerability in Microsoft Windows allowed attackers to execute malicious code without the user's knowledge. A follow-up to the "Follina incident".
Microsoft is one of the biggest pioneers in digital security. They recognise the need for trust in a world where everything is connected. Microsoft Entra is its new product line that encompasses everything around identity and access security.
Cyber attacks are no longer uncommon these days. Hackers are becoming more and more creative and savvy, so that gateways are discovered more quickly. Microsoft Word turned out to be unsafe due to a zero-day attack characterised as "Follina". According to experts, nothing can be done about this when the code has already been injected.
Managed Service Providers (MSPs) are facing increasingly difficult times. Because they manage entire IT environments of other companies, they are an interesting target for cybercriminals. A security strategy is the only solution.
Microsoft is actively tackling cybercrime. With its team of experts and advanced AI, they play an important role in detecting and solving known weaknesses. Every month on Patch Tuesday, they present solutions to patch the flaws in systems.
Microsoft's innovation provides the next step towards AI cybersecurity. With Microsoft Sentinel SOAR, cyber threats are automatically detected using Artificial Intelligence. This combined with a team of experts ensures a solid defense against cybercriminals.
The digital world remains flexible. For IT professionals as well, flexibility continues to play an important role within their field of work. Microsoft Endpoint Manager (MEM) now gets a Cloud Add-On, which gives them more possibilities to offer remote support.
A network switch is designed to create multiple connections from one network connection without any loss of speed. They are often used in airports, hotels, companies and hospitals. Due to weaknesses in the network switches of Aruba and Avaya, millions of devices are now vulnerable.
The best way to protect yourself from a hacker? According to this article, it is using AI that gets inside a hacker's head. In this way, it predicts which components a hacker would attack first. The technology is also called Darktrace attack path modelling.
Lenovo models were affected by flaws in the firmware. As a result, more than one hundred models were vulnerable to malware. Because they are hidden in the motherboard's flash chip, they are difficult to detect and remove.
The war in Europe is causing international turmoil. The security industry is also bracing itself. It is no longer a secret that state hackers exist. Cyber attacks for political reasons are part of a geopolitical war.
A security strategy for companies is crucial. Zero-day attacks are becoming increasingly common and pose a major threat. They are weaknesses that have been discovered by attackers but not by the software developer. As a result, it can take a long time to fix them, which makes the risk enormous.
To stay one step ahead of cybercriminals, it is important to work together. As the threat of ransomware continued to grow, the US, UK and Australia decided to jointly provide cyber security advice on ransomware threats. In this way, critical infrastructures are uncovered and a solution can be proactively sought.
Multifactor Authentication (MFA) has become the basic of access security. Cybercriminals are aware of this. With MFA you often get a notification on your smartphone to log in. These notifications can now also be faked. In this article you can read how this works.
A cyber attack on ARA caused problems in fuel distribution. ARA stands for Amsterdam, Rotterdam and Antwerp - the nerve centre of Europe's oil and fuel trading network. Cybercriminals target all types of companies.
Technology never ceases to amaze us. This new innovation in a Raspberry Pi means that no software is needed to detect malware. It uses electromagnetic signals to detect other devices. With certain signals it can determine if there is malware on the device.
Patch Tuesday in December provided many bug fixes. Microsoft patched 67 new vulnerabilities, 7 of which are rated "critical". In addition, Apache Log4j is still causing concern. Trend Micro released a tool to analyse affected systems.
An ultimate security strategy also means thinking about Attack Surface Management. This means that you create as few access points as possible to be attacked. In case you are attacked, you are prepared and the attack cannot spread laterally on your network. In this article, you'll read how to prevent cloud and hybrid apps from becoming entry points.